If you are still thinking about clinging on to Windows 7, the risks are "crazy high"

Windows 7 is, as of today, officially dead. It is no more; it has ceased to be, it's expired and gone to meet its maker, it's joined the choir invisible: this is an ex-operating system. Apart from the fact that, for millions of users, it isn't. While the ten-year product support lifecycle has now expired, meaning Microsoft will discontinue official support including technical assistance and security updates through Windows Update functionality, many will keep on keeping on with Windows 7 regardless. With a reported 32.74% share of the global Windows desktop OS market, and much higher in China, that's a lot of people. And a lot of computers likely to be exposed to new security threats for which there will be no fix. Microsoft is expected to release a Patch Tuesday update today, which may well not include Windows 7, that covers a rumored "extraordinarily serious" crypto-security vulnerability. But that's not the only crypto problem facing Windows 7 users now, and in the non-supported future. Take this Windows 7 crypto-mining exploit attack that has been found hiding in audio WAV files, for example.

The Windows 7 audio WAV files crypto threat

Ophir Harpaz and Daniel Goldberg, two security researchers at Guardicore Labs, have today revealed how a medium-sized medical tech sector business was attacked by cryptominers using WAV audio files to obfuscate the malware.

The Guardicore research journey began in October 2019, when multiple blue screens of death started appearing on Windows machines in the target network. Investigations revealed that more than 50% of the network, some 800 endpoints, were accessing suspicious data in a registry key. The command line was a Base64-encoded PowerShell script. To cut this long and technical story short, by reverse-engineering the malware payload, the Guardicore researchers found a Monero crypto-mining module that used steganography to hide inside audio WAV files.
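
An added example, not taken from the Guardicore report or this article: a defender-side triage script in Python that decodes Base64-encoded PowerShell command lines of the kind described above and flags the ones whose decoded script reads from the registry. The sample command lines, the registry path and the marker list are constructed assumptions, not indicators from the investigation.

```python
import base64
import binascii
import re

# Any "-flag value" pair; the flag name is checked in decode_encoded_command.
FLAG_VALUE = re.compile(r"[-/](\w+)\s+([A-Za-z0-9+/=]{8,})")
# Heuristic registry-read markers (an assumption, not IoCs from the report).
REGISTRY_MARKERS = re.compile(r"HKLM:|HKCU:|Registry::|Get-ItemProperty", re.I)


def decode_encoded_command(cmdline):
    """Return the decoded script from a PowerShell command line, or None."""
    if "powershell" not in cmdline.lower():
        return None
    for flag, value in FLAG_VALUE.findall(cmdline):
        name = flag.lower()
        # PowerShell accepts any prefix of -EncodedCommand, plus the alias -ec.
        if not ("encodedcommand".startswith(name) or name == "ec"):
            continue
        try:
            # -EncodedCommand payloads are Base64 over UTF-16LE text.
            return base64.b64decode(value, validate=True).decode("utf-16-le")
        except (binascii.Error, UnicodeDecodeError):
            return None  # malformed payload: leave for manual review
    return None


def triage(cmdlines):
    """Return (index, decoded script) pairs whose script touches the registry."""
    hits = []
    for i, line in enumerate(cmdlines):
        script = decode_encoded_command(line)
        if script and REGISTRY_MARKERS.search(script):
            hits.append((i, script))
    return hits


def _enc(script):
    # Builds a constructed sample payload in the -EncodedCommand format.
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed sample command lines (not from the investigation).
SAMPLES = [
    "powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\\tools\\backup.ps1",
    "powershell.exe -nop -w hidden -enc " + _enc("(Get-ItemProperty 'HKLM:\\SOFTWARE\\Example').Data"),
    "powershell.exe -EncodedCommand " + _enc("Get-Date"),
]

if __name__ == "__main__":
    print(triage(SAMPLES))
```
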

The Windows 7 WAV file risk post-EoL

I spoke to Daniel Goldberg, a senior cybersecurity researcher at Guardicore Labs and one of the report authors, to ask what the risk-level for those still running Windows 7 from today is likely to be. "The risks are crazy high to organizations facing this WAV-based attack if they are running a Windows 7 system after EoL," Goldberg says, "before the quarter is over, there will be other vulnerabilities discovered in Windows 7 too that will not be fixed by Microsoft and will also be easy to exploit." He described the WAV-based attack threat to Windows 7 as being "like a hot knife through butter."

So, other than upgrading to Windows 10, what mitigation advice is there for those who will not or cannot make a move away from Windows 7? "Segment machines you can't support away from the internet and the rest of your network," Goldberg says, "your old Windows 7 machine running this critical but obsolete application should not be accessible from the internet, or most of the machines in your networks."

Windows 7 security threats: the best offense is a good defense

"Businesses must be responsible, and act in favor of their customers, who trust them with their information, by updating their systems," Terry Ray, senior vice-president and fellow at Imperva said, "if not, they will face severe consequences which will come at a huge cost to the customer, and the future of the business." Arguing that the best offense is a good defense, Terry said, "simply put, don't fall victim and instead, upgrade to up-to-date systems which generate regular security updates and have the right systems in place to deter attacks."

I'm a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994. A three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) I was also fortunate enough to be named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro called 'Threats to the Internet.' In 2011 I was honored with the Enigma Award for a lifetime contribution to IT security journalism. Contact me in confidence at davey@happygeek.com if you have a story to reveal or research to share.